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DETAILED ACTION 

1. Claims 1-32 are pending for examination. 

Claim Rejections - 35 USC § 103 

2. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1-3, 9-11, and 25-32 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Cota-Robles et al. (hereafter Cota-Robles) (U.S. Publication No. 
2002/0143842). 

4. Cota-Robles was cited in the previous office action. 

5. As per claim 1, Cota-Robles teaches the invention substantially as claimed 
including a method for controlling input/output (I/O) operations of a user's computer 
comprising the following step: 

implementing the user's computer a virtual machine (VM) (paragraphs [0019- 

0020]); 

including an interface software component between the VM and a physical 
computer system that includes at least one device (paragraphs [0019]-[0020]); 
in the interface software component: 
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sensing a request for an I/O operation between the VM and the device 
(paragraphs [0027], [0029], [0042], [0047]); 

performing a transformation of I/O data passing between the VM and the 
device (paragraphs [0015], [0027], [0047]); 

the transformation of the I/O data thereby being undefeatable by any user action 
via the VM (paragraphs [0025], [0027], [0029], [0047]). 

6. With respect to the limitation of said transforming being adjunct to necessary 
completion of the request as issued for the I/O operation, Cota-Robles disclosed that 
there are to be "zero or more" transformations, which implies that the transformations 
may be wholly unnecessary (paragraph [0027]). Therefore it would have been obvious 
to one of an ordinary skill in the art that Cota-Robles suggests transformation may not 
be necessary (adjunct, optional, or not required) for proper completion of the 
input/output operations. 

7. As per claim 2, Cota-Robles teaches: 

the device is a display (paragraph [0015]); 

the I/O data is VM display data output from the VM and intended for display 
(paragraphs [0015], [0027], [0029], [0042], [0047]); and 

the transformation is a replacement of at least a portion of the VM display data 
with non defeatable display data stored external to the VM (paragraphs [0015], [0027], 
[0047]); 
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further including the step of displaying the VM display data with the non- 
defeatable display data overlaid (paragraphs [0015], [0025], [0027], [0029], [0047]). 

8. As per claim 3, Cota-Robles further teaches: 

filtering the I/O data with respect to at least one predetermined filtering condition 
(paragraphs [0027], [0029], [0042], [0047]); 

performing the transformation of the I/O data only when the filtering condition is 
met (paragraphs [0027], [0029], [0042], [0047]). 

9. As per claim 9, Cota-Robles teaches the transformation comprises insertion into 
the I/O data of a source indication associated with the VM (paragraphs [0027], [0029], 
[0042], [0047]). 

10. As per claim 10, Cota-Robles teaches the transformation is time-varying 
(paragraphs [0015], [0023]). 

11. As per claim 1 1 , Cota-Robles teaches the device is a network connection device 
(paragraphs [0015], [0023]). 

12. As per claim 25, Cota-Robles teaches: 

the VM supports a plurality of I/O modes (paragraphs [0015], [0023]); 
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the step of filtering is performed on I/O data corresponding to a first one of the 
plurality of I/O modes (paragraphs [0027], [0029], [0042], [0047]); and 

the transformation is applied to I/O data in a second one of the I/O modes when 
the I/O data in the first mode satisfies a transformation-triggering criterion (paragraphs 
[0015], [0027], [0029], [0042], 0047]). 

13. As per claim 26, Cota-Robles teaches the I/O modes include a video mode and 
an audio mode (paragraphs [0015], [0023]). 

14. As per claims 27-28, it is rejected for the same reason as claim 1 above. 

15. As per claim 29, Cota-Robles teaches the device is a display and the I/O data is 
VM display data (paragraph [0015]). 

16. As per claim 30, Cota-Robles further teaches: 

a display buffer within the VMM for storing the VM display data that is output from 
the VM and is intended for display (paragraphs [0015], [0027], [0042], [0047]); 

a transformation software module comprising computer-executable code within 
the interface software component for replacing at least a portion of the VM display data 
stored in the display buffer with non-defeatable display data (paragraphs [0015], [0027], 
[0042], [0047]); and 
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in which the display is provided for displaying the contents of the display buffer 
(paragraphs [0015], [0023], [0027], [0042], [0047]). 

17. As per claim 31 , Cota-Robles teaches the device is a data storage device 
(paragraphs [0015], [0023]). 

18. As per claim 32, Cota-Robles teaches the device is a network connection device 
(paragraphs [0015], [0023]). 

19. Claims 4-5, 8, and 21-24 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Cota-Robles et al. (hereafter Cota-Robles) (U.S. Publication No. 
2002/0143842), as applied in claim 1 above, and in view of O'Neil et al. (hereafter 
O'Neil) (U.S. Patent No. 5987440). 

20. O'Neil was cited in the previous office action. 

21 . As per claim 4, Cota-Robles teaches the invention substantially as claimed in 
claim 1. Cota-Robles did not specifically teach the filtering condition is that the I/O data 
includes at least one restricted term. 
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22. However, O'Neil teaches the filtering condition is that the I/O data includes at 
least one restricted term (abstract; col. 56, lines 5-40; col. 57, line 60 through col. 58 
line 63). 

23. It would have been obvious to one of an ordinary skill in the art at the time the 
invention was made to have combined the teaching of Cota-Robles and O'Neil since 
Cota-Robles, while presenting a method of representing a processing device in a virtual 
machine to control input and output, does not present specific types of input/output 
devices, or how certain features therein would be implanted. Modern computing is 
embodied within a networked environment to point where it is nearly commonplace. 
With this advent in computing, protecting the integrity of data is of utmost importance. 
O'Neil provides a method of protecting information security within a virtual private 
network, or other type of network, such that personal data or other sensitive data can be 
trusted and more securely transferred. 

24. As per claim 5, O'Neil teaches the filtering condition is that the I/O data is from a 
restricted source (abstract; col. 56, lines 5-40; col. 57, line 60 through col. 58 line 63). 

25. As per claim 8, O'Neil teaches the filtering condition is the presence in the I/O 
data of a copy protection indication (abstract; col. 56, lines 5-40; col. 57, line 60 through 
col. 58 line 63). 
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26. As per claim 21 , O'neil teaches: 

the device is a network connection device (abstract; col. 56, lines 5-40; col. 57, 
line 60 through col. 58 line 63); 

the requested I/O operation is a transfer of data between the VM and the network 
connection device (abstract; col. 56, lines 5-40; col. 57, line 60 through col. 58 line 63); 
and 

the step of performing the transformation comprises changing at least a portion 
of the data during the transfer between the VM and the network connection device 
(abstract; col. 56, lines 5-40; col. 57, line 60 through col. 58 line 63). 

27. As per claim 22, O'Neil teaches the step of performing the transformation of the 
I/O data comprises encrypting data written by the VM to the network connection device 
and decrypting data read from the network connection device by the VM (abstract; col. 
56, lines 5-40; col. 57, line 60 through col. 58 line 63). 

28. As per claim 23, O'neil teaches the step of performing the transformation of the 
I/O data comprises compressing data written by the VM to the network connection 
device and decompressing data read from the network connection device by the VM 
(abstract; col. 56, lines 5-40; col. 57, line 60 through col. 58 line 63). 
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29. As per claim 24, O'Neil teaches the step of performing the transformation of the 
I/O data comprises cryptographic transformation of the I/O data (abstract; col. 56, lines 
5-40; col. 57, line 60 through col. 58 line 63). 

30. Claims 6-7, and 15-17 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Cota-Robles et al. (hereafter Cota-Robles) (U.S. Publication No. 
2002/0143842), as applied in claim 1 above, and in view of Pasieka (U.S. Patent No. 
6587945). 

31 . Pasieka was cited in the previous office action. 

32. As per claim 6, Cota-Robles teaches the invention substantially as claimed in 
claims 1 , and 3 above. Cota-Robles did not specifically teach: 

the I/O data includes image data; 

the step of filtering the I/O data comprises detecting the presence of a 
representation of a target within the image data; and 

the transformation is substitution of a representation of a replacement image in 
place of the representation of the target image. 

33. However, Pasieka teaches: 

the I/O data includes image data (col. 4, line 58 through col. 5, line 17); 
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the step of filtering the I/O data comprises detecting the presence of a 
representation of a target within the image data (col. 4, line 58 through col. 5, line 17); 
and 

the transformation is substitution of a representation of a replacement image in 
place of the representation of the target image (col. 4, line 58 through col. 5, line 17). 

34. It would have been obvious to one of an ordinary skill in the art at the time the 
invention was made to have combined the teaching of Cota-Robles and Pasieka since 
Cota-Robles, while presenting a method of representing a processing device in a virtual 
machine to control input and output, does not present specific types of input/output 
devices, or how a certain features therein would be implemented. In the systems that 
utilize virtual machines, Internet applications or other network computing is very 
common. Along with this type of processing comes a transfer of image data or other 
display data. While Cota-Robles mentions this type of input/output briefly, it does not 
specifically address how the transmission of these images would be protected. Pasieka 
provides such a method of digitally signing an image before it is transferred such that 
the origin and integrity of a document or image can be verified before it is displayed on 
a user's screen. 

35. As per claim 7, Pasieka teaches: 

the I/O data is in a non-character image format (col. 4, line 58 through col. 5, line 



17); 
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the target image is a representation of a restricted character string (col. 4, line 58 
through col. 5, line 17); and 

the step of filtering the I/O data comprises applying character recognition to the 
I/O data (col. 4, line 58 through col. 5, line 17). 

36. As per claim 15, Pasieka teaches: 

the device is a display (col. 4, line 58 through col. 5, line 17); 
the display renders data stored in a display map (col. 4, line 58 through col. 5, 
line 17); and 

the step of performing the transformation comprises altering a selected portion of 
the display map (col. 4, line 58 through col. 5, line 17). 

37. As per claim 16, Paseika teaches the step of altering the selected portion of the 
display data comprises substituting non-defeatable display data for the selected portion 
(col. 4, line 58 through col. 5, line 17). 

38. As per claim 17, Paseika teaches the step of altering the selected portion of the 
display data comprises changing all occurrences in the display map of a display color to 
a replacement color (col. 6, lines 15-54). 

39. Claims 12-14 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Cota-Robles et al. (hereafter Cota-Robles) (U.S. Publication No. 2002/0143842), as 
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applied in claim 1 above, and in view of Narlikar et al. (hereafter Narlikar) (U.S. 
Publication No. 2002/0069241). 

40. Narlikar was cited in the previous office action. 

41. As per claim 12, Cota-Robles teaches the invention substantially as claimed in 
claims 1, and 11. Cota-Robles did not specifically teach the transformation is a 
bandwidth limiting of the I/O data being transferred between the VM and the network 
connection device. 

42. However, Narlikar teaches the transformation is a bandwidth limiting of the I/O 
data being transferred between the VM and the network connection device (abstract, 
paragraphs [0003]-[0005], [0012], [0019]). 

43. It would have been obvious to one of an ordinary skill in the art at the time the 
invention was made to have combined the teaching of Cota-Robles and Narlikar since 
in a networked computing environment, processing bottlenecks can lead to loss of data, 
inconsistent processing, or other failures. This particular type of input/output processing 
must be accounted for in a network environment. Often, such that one node does not 
handle an excessive amount of requests. Narlikar provides such a proxy server, which 
determines the best way to distribute that request. Thus, processing throughput can be 
improved giving rise to more reliable and efficient processing. 
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44. As per claim 13, Narlikar teaches: 

the requested I/O operation is transfer of the I/O data between the VM and the 
network connection device (abstract, paragraphs [0003]-[0005], [0012], [0019]); and 

the transformation in a time delay of the transfer (abstract, paragraphs [0003]- 
[0005], [0012], [0019]). 

45. As per claim 14, Narlikar teaches: 

the requested I/O operation is transfer of the I/O data from the VM to a first 
destination address via the network connection device (abstract, paragraphs [0003]- 
[0005], [0012], [0019]); and 

the transformation is a redirection of the I/O data to a second destination address 
different from the first (abstract, paragraphs [0003]-[0005], [0012], [0019]). 

46. Claims 18-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Cota-Robles et al. (hereafter Cota-Robles) (U.S. Publication No. 2002/0143842), as 
applied in claim 1 above, and in view of Samar (U.S. Publication No. 2002/0078049). 

47. Samar was cited in the previous office action. 

48. As per claim 18, Cota-Robes teaches the invention substantially as claimed in 
claim 1. Cota-Robles did not specifically teach: 

the device is a data storage device; 
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the requested I/O operation is a transfer of data between the VM and the storage 
device; and 

the step of performing the transformation comprises changing at least a portion 
of the data during the transfer between the VM and the storage device. 

49. However, Samar teaches: 

the device is a data storage device (abstract; paragraphs [0029], [0030], [0040], 
[0041]); 

the requested I/O operation is a transfer of data between the VM and the storage 
device (abstract; paragraphs [0029], [0030], [0040], [0041]); and 

the step of performing the transformation comprises changing at least a portion 
of the data during the transfer between the VM and the storage device (abstract; 
paragraphs [0029], [0030], [0040], [0041]). 

50. It would have been obvious to one of an ordinary skill in the art at the time the 
invention was made to have combined the teaching of Cota-Robles and Samar since 
Cota-Robles, while presenting a method of representing a processing device in a virtual 
machine to control input and output, does not present specific types of input/output 
devices, or how certain features therein would be implemented. Modern computing 
utilizes data stores and databases to store sensitive data. With this advent in 
computing, protecting the integrity of the data is utmost importance. Samar provides a 
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method of determining if data that is to be stored is of a sensitive nature, and if so, 
encrypting the data such that it can be protected against unauthorized access. 

51 . As per claim 1 9, Samar teaches the step of performing the transformation of the 
I/O data comprises encrypting data written by the VM to the data storage device and 
decrypting data read from the data storage device by the VM (abstract; paragraphs 
[0029], [0030], [0040], [0041]). 

52. As per claim 20, Samar teaches the step of performing the transformation of the 
I/O data comprises compressing data written by the VM to the data storage device and 
decompressing data read from the data storage device by the VM (abstract; paragraphs 
[0029], [0030], [0040], [0041]). 

Response to Arguments 

53. Applicant's arguments filed 04/24/2006 have been fully considered but they are 
not persuasive. 

54. In the remark applicant argued that Cota-Robles fails to teach transforming being 
adjunct to necessary completion of the request as issued for the I/O operation, since 
Cota-Robles disclosed that there are to be " zero or more" transformations (i.e. 
performing zero (no) transformation is not the same as performing a transformation). 
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55. With respect to this point, examiner respectfully disagreed. According to the 
MPEP Section 2145 Index X sub-set D, stated "the prior art's mere disclosure of more 
than one alternative does not constitute a teaching away from any of these alternatives 
because such disclosure does not criticize, discredit, or otherwise discourage the 
solution claimed...." In re Fulton, 391 F.3d 1195, 1201, 73 USPQ2d 1141, 1146 (Fed. 
Cir. 2004). Therefore the fact that Cota-Robles's system can perform zero 
transformation when one is not necessary, does not teach away from performing the 
transformation when it is necessary. Thus, there is an alternative that at least one 
transformation is performed. Therefore, it would have been obvious to one of an 
ordinary skill in the art at the time the invention was made to have recognized that Cota- 
Robles teaches transforming being adjunct to necessary completion of the request as 
issued for the I/O operation. 

Conclusion 

56. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

Neiger et al. (U.S. Patent No. 70359630 teaches virtual machine monitoring. 

57. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
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TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

58. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jennifer N. To whose telephone number is (571) 272- 
7212. The examiner can normally be reached on M-T 6AM- 3:30 PM, F 6AM- 2:30 PM. 

59. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Meng-Ai An can be reached on (571) 272-3756. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

60. Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
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USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Jennifer N. To 
Examiner 
Art Unit 2195 




